package com.lbm.business.web.controller;

import java.util.Enumeration;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.servlet.ModelAndView;
import com.lbm.baseclass.utils.Eryptogram;
import com.lbm.baseclass.constants.Consts;
import com.lbm.baseclass.controller.LBMBaseController;
import com.lbm.business.service.IUserInfoService;
import com.lbm.model.RoleUser;
import com.lbm.model.UserInfo;

public class LoginController extends LBMBaseController{
	private IUserInfoService userInfoService;
	public void setUserInfoService(IUserInfoService userInfoService) {
		this.userInfoService = userInfoService;
	}
	/**
	 * 获取用户菜单
	 * 
	 * @param request
	 * @param response
	 * @throws Exception
	 * @author zhuq
	 * @since 2011-6-13
	 */
	public void getMenus(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		List<RoleUser> list=baseService.getValueObjectsByHQL("from RoleUser where userid='"+getUserId(request)+"'");
		String[] roleids=new String[list.size()];
		for(int i=0;i<list.size();i++){
			roleids[i]=list.get(i).getRoleid();
		}
		String menus = baseService.getMenus("",roleids);
		renderJson(response, menus);
	}
	/**
	* 登陆系统
	* @param request
	* @param response
	* @return
	* @throws Exception
	*/
	public ModelAndView login(HttpServletRequest request,HttpServletResponse response)throws Exception
	{
		ModelAndView mv=new ModelAndView(v_list);
		List<UserInfo> list=userInfoService.getUserinfoByHQL("from UserInfo where userName='"+request.getParameter("userName")+"'");
		if(list.size()!=0){
			if(Eryptogram.getUserPasswd(request.getParameter("userPW")).equals(list.get(0).getUserPW())){
				List<RoleUser> roles=baseService.getValueObjectsByHQL("from RoleUser where userid='"+list.get(0).getUserid()+"'");
				if(roles.size()!=0){
					mv.setViewName(v_index);
					String role="''";
					for(RoleUser temp : roles){
						role+=",'"+temp.getRoleid()+"'";
					}
					List<Map<String, Object>> maps=baseService.queryForListBySQL("select modulecode,operate_code from(select modulecode,operateid as module_operateid from t_role_module left join t_moduleinfo using(moduleid)  where roleid in("+role+")) t left join t_module_operate using(module_operateid)");
					putSession(request, Consts.USER_INFO, list.get(0));
					putSession(request, Consts.USER_PRIVILEGES_DATA, maps);
					putSession(request, Consts.USER_ID, list.get(0).getUserid());
					putSession(request, Consts.USER_NAME,list.get(0).getUserName());
					mv.addObject("userinfo", list.get(0));
				}else mv.addObject("msg", "该用户无登陆权限，请联系管理员");
			}
			else mv.addObject("msg", "密码错误！");
		}
		else mv.addObject("msg", "用户不存在！");
		return mv;
	}
	/**
	 * 注销登陆
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 * @author zhuq
	 * @since 2011-12-18
	 */
	@SuppressWarnings("unchecked")
	public ModelAndView logout(HttpServletRequest request, HttpServletResponse response) throws Exception {
		ModelAndView mv=new ModelAndView(v_list);
		Enumeration<String> names = request.getAttributeNames();
		HttpSession session = request.getSession();
		names = session.getAttributeNames();
		while (names.hasMoreElements()) {
			String name = names.nextElement();
			request.removeAttribute(name);
			session.removeAttribute(name);
		}
		session.invalidate();
		mv.addObject("msg", "");
		return mv;
	}
}
